About me

I am a second-year Ph.D. student at the Pennsylvania State University, fortunate to be advised by Prof.Jinyuan Jia. My research focuses on LLM Security, AI agents and Evaluation.

I received my B.Eng in Artificial Intelligence from Wuhan University in 2024.

Research Interest

My research focuses on developing secure and reliable LLMs and AI agents. I study both the attack / vulnerabilities and defense / robustness / alignment of LLMs, with a particular focus on prompt injection. I also work on evaluating LLMs and AI agents under realistic and comprehensive settings.

Publications

* Equal contribution

• Runpeng Geng*, Chenlong Yin*, Yanting Wang, Ying Chen and Jinyuan Jia. PIArena: A Platform for Prompt Injection Evaluation, In ACL, 2026.
• Yanting Wang, Runpeng Geng, Ying Chen, Jinyuan Jia. AttnTrace: Attention-based Context Traceback for Long-Context LLMs., In IEEE S&P, 2026
• Wei Zou*, Runpeng Geng*, Binghui Wang, and Jinyuan Jia. PoisonedRAG: Knowledge Poisoning Attacks to Retrieval-Augmented Generation of Large Language Models, In USENIX Security Symposium, 2025.
• Yanting Wang*, Wei Zou*, Runpeng Geng, Binghui Wang, and Jinyuan Jia. TracLLM: A Generic Framework for Attributing Long Context LLMs, In USENIX Security Symposium, 2025.
• Yupei Liu, Yuqi Jia, Runpeng Geng, Jinyuan Jia, and Neil Zhenqiang Gong. Formalizing and Benchmarking Prompt Injection Attacks and Defenses, In USENIX Security Symposium, 2024.

Preprints

• Runpeng Geng, Yanting Wang, Chenlong Yin, Minhao Cheng, Ying Chen, Jinyuan Jia. PISanitizer: Preventing Prompt Injection to Long-Context LLMs via Prompt Sanitization.
• Runpeng Geng, Yanting Wang, Ying Chen, Jinyuan Jia. UniC-RAG: Universal Knowledge Corruption Attacks to Retrieval-Augmented Generation.
• Yanting Wang, Wei Zou, Runpeng Geng, Jinyuan Jia. AgentWatcher: A Rule-based Prompt Injection Monitor.
• Chenlong Yin, Runpeng Geng, Yanting Wang, Jinyuan Jia. PISmith: Reinforcement Learning-based Red Teaming for Prompt Injection Defenses.
• Yanting Wang, Runpeng Geng, Jinghui Chen, Minhao Cheng, Jinyuan Jia. TASO: Jailbreak LLMs via Alternative Template and Suffix Optimization.

Open Source Projects

• PIArena - lead contributor
• PoisonedRAG - lead contributor and co-first author
• Open-Prompt-Injection - co-author